from django.utils.deprecation import MiddlewareMixin
from django.shortcuts import HttpResponse
from django.http.response import JsonResponse
from .utils import verify_jwt_token

class verifity(MiddlewareMixin):
    def process_request(self,request):
        if request.path not in ['/Login','/Verify','/Index','/Register','/GetDetails','/Search','/TagList','/CategoryList'] :
            token=request.META.get("HTTP_TOKEN") #!必须增加前缀HTTP，同时大写
            if token:
                key,data=verify_jwt_token("blog-login",token)
                if not key:
                    return JsonResponse({"status":400,"message":"token过期"})
            else:
                return JsonResponse({"status":400,"message":"Invalid token"})
    # def process_response(self,request,response):
    #     return response
    
class Cors(MiddlewareMixin):#^跨域响应头
    def process_request(self,request):
        if request.method=="OPTIONS":
            return HttpResponse()
    def process_response(self,request,response):
        # 添加响应头
        
            # 允许你的域名来获取我的数据
            # response['Access-Control-Allow-Origin'] = "*"

            # # 允许你携带Content-Type请求头
            # # 允许自定义前端可以添加请求头 token 字段
            # response['Access-Control-Allow-Headers'] = "Content-Type,token"

            # # 允许你发送DELETE,PUT
            # response['Access-Control-Allow-Methods'] = "DELETE,PUT,POST,GET,CREATE,OPTIONS"
            return response